using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Data.Sql;

/// <summary>
/// Summary description for USERMANAGER
/// </summary>
namespace DD.Data.SQL
{
	public static class UserManager
    {
        public static bool LogUserIn(string Username, string Password)
        {
            SqlConnection conn = DataManager.GetConnection();
            conn.Open();
            SqlCommand Login = new SqlCommand();
            Login.Connection = conn;
            Login.CommandText = "LOGINUSER";
            Login.CommandType = CommandType.StoredProcedure;

           
            SqlParameter username = new SqlParameter();
            username.Direction = ParameterDirection.Input;
            username.Value = Username;
            username.ParameterName = "@USERNAME";
            username.Size = 50;
            username.SqlDbType = SqlDbType.NVarChar;
            Login.Parameters.Add(username);

            SqlParameter password = new SqlParameter();
            password.Value = Password;
            password.Size = 50;
            password.SqlDbType = SqlDbType.NVarChar;
            password.Direction = ParameterDirection.Input;
            password.ParameterName = "@PASSWORD";
            Login.Parameters.Add(password);

            SqlParameter userid = new SqlParameter();
            userid.Direction = ParameterDirection.Output;
            userid.ParameterName = "@UID";
            userid.SqlDbType = SqlDbType.Int;
            Login.Parameters.Add(userid);
           Login.ExecuteReader();
            //Login.ExecuteScalar();
           
           //SqlDataReader reader = Login.ExecuteReader();
            conn.Close();
            
            try
            {
                int UserId = (int)userid.Value;
                HttpContext.Current.Session["USERID"] = UserId;
                return true;
            }
            catch
            {
                return false;
            }
        }
        public static void AddUser(DD.Users.User user, string password)
        {

            SqlConnection conn = new SqlConnection();
            conn = DD.Data.SQL.DataManager.GetConnection();

            SqlCommand com = new SqlCommand("sp_DD_ADD_USERS", conn);
            com.CommandType = CommandType.StoredProcedure;

            SqlParameter fname = new SqlParameter("@FIRST_NAME", user.FirstName);
            fname.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(fname);

            SqlParameter lname = new SqlParameter("@LAST_NAME", user.LastName);
            lname.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(lname);

            SqlParameter email = new SqlParameter("@EMAIL", user.Email);
            email.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(email);

            SqlParameter phone = new SqlParameter("@PHONE", user.Phone);
            phone.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(phone);


            SqlParameter addr = new SqlParameter("@ADDRESS1", user.Address);
            addr.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(addr);

            SqlParameter addr2 = new SqlParameter("@ADDRESS2", user.Address2);
            addr2.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(addr2);
            
            SqlParameter city = new SqlParameter("@CITY", user.City);
            city.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(city);

            SqlParameter state = new SqlParameter("@STATE", user.State);
            state.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(state);

            SqlParameter zip = new SqlParameter("@ZIP", user.Zip);
            zip.SqlDbType = SqlDbType.Int;
            com.Parameters.Add(zip);

            SqlParameter uname = new SqlParameter("@USERNAME", user.Username);
            uname.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(uname);

            SqlParameter pwd = new SqlParameter("@PASSWORD", password);
            pwd.SqlDbType = SqlDbType.NVarChar;
            com.Parameters.Add(pwd);

            SqlParameter ut = new SqlParameter("@USERTYPE", user.UserType);
            ut.SqlDbType = SqlDbType.Int;
            com.Parameters.Add(ut);

            conn.Open();
            com.ExecuteNonQuery();
            conn.Close();


        }
        public static bool DeleteUser(int userid)
        {
            throw new System.NotImplementedException();
        }
    } 
}
